New worm crawling through blogs ?!

January 26, 2006 2:06 PM PST

I spotted it on Christopher Boyd's Vital Security blog. Chris is a Microsoft security MVP and security research manager at FaceTime, an instant messaging security company. However, this worm appears to have spread much further and has slithered around the world.

The worm is actually an animated GIF image. Bloggers all over have embedded it in their blogs and link to the creator's Web site. If you want to see the blog worm, go to Chris' blog or go directly to the source.

To infect your blog, you have to copy and paste a piece of HTML code into your blog.

I think this is kind of funny. On the flipside, however, there could be some security implications if the hoster of this "worm" decided to upload a malicious image that took control of the PC's that visit sites that show it.

http://news.com.com/2061-10789_3-6031795.html?part=rss&tag=6031795&subj=news

to see the worm (completely harmless) :

http://www.moox.nl/blogworm/

it's just a link that links to an animated gif (or else it wpouldn't be on CNET). But the interesting thing is that such a "prank" could become malicious if you embedded code into the image, which on the other hand is more difficult to do.

without additional payload that acts as an interpreter to the code embedded in the image. The additional payload would be a dead give away that something's up with the cargo.